CVE advisoryCRITICAL
CVE-2023-29863
Medisys Weblab SQL Injection Vulnerability in WSDL Files
Halo Surface Signal: 2 out of 5 — less likely to be public-facing.
A SQL injection vulnerability exists in Medical Systems Co. Weblab Products' WSDL files via the `tem:statement` parameter. This could allow an unauthenticated attacker to inject malicious SQL commands, potentially leading to unauthorized access or modification of data. The relevance of this vulnerability depends on whe